[jboss-as7-dev] Secure HTTP API Endpoint

Heiko Braun hbraun at redhat.com
Thu May 26 03:57:08 EDT 2011

Previous message: [jboss-as7-dev] Secure HTTP API Endpoint
Next message: [jboss-as7-dev] Secure HTTP API Endpoint
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

In general I would agree with your approach.

But AFAIK the HTTP API endpoint doesn't support authorization schemes.
So no roles in this case. 

On May 26, 2011, at 9:39 AM, Remy Maucherat wrote:

> The right solution is to require some special role for any admin or
> management operations, but not provide any default user having it. So,
> locked down by default.

Previous message: [jboss-as7-dev] Secure HTTP API Endpoint
Next message: [jboss-as7-dev] Secure HTTP API Endpoint
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the jboss-as7-dev mailing list